While malware models have become increasingly accurate over the past few years, none of the existing proposals accounts for the use of Network Address Translation (NAT). This oversight is problematic since many network customers use NAT in their local networks. In fact, measurements we collected from a distributed honeynet show that approximately 19 % of the infected hosts reside in NATted domains. To account for this fact, we present a model that can be used to understand the impact of varying levels of NAT deployment on malware that spread by preferentially scanning the IP space. Using this model, we show that NATting impedes malware propagation in several ways and can have a significant impact on non-uniform scanning worms as it invalida...
This document identifies two deployment scenarios that have arisen from the unconventional network t...
Abstract. Computer virus and worms perform randomly spyware and port-scanning to find a vulnerabilit...
Abstract. Sophisticated worms that use precomputed hitlists of vulnerable targets are especially har...
Some widely deployed protocols work transparently within NAT environments, but others fail completel...
<p>A botnet is a collection of computers infected by a shared set of malicious software, that mainta...
Abstract. Many Internet customers use network address translation (NAT) when connecting to the Inter...
Abstract only availableNetwork Address Translators (NATs) that map private addresses to public ones ...
The use of Network Address Translation (NAT) has greatly expanded in recent years. While originally ...
As ISPs face IPv4 address scarcity they increasingly turn to network address translation (NAT) to ac...
Rapidly-spreading malicious software is an important threat on today’s computer networks. Most solut...
Network Address Translation or NAT, is a technology that is used to translate internal addresses to ...
This work provides an information-theoretic view to better understand the relationships between aggr...
The purpose of this article is to extend related research on the spread of malware in networks and t...
International audiencePublic IPv4 addresses are a scarce resource. WhileIPv6 adoption is lagging, Ne...
Abstract Localized scanning is a simple technique used by attackers to search for vulnerable hosts....
This document identifies two deployment scenarios that have arisen from the unconventional network t...
Abstract. Computer virus and worms perform randomly spyware and port-scanning to find a vulnerabilit...
Abstract. Sophisticated worms that use precomputed hitlists of vulnerable targets are especially har...
Some widely deployed protocols work transparently within NAT environments, but others fail completel...
<p>A botnet is a collection of computers infected by a shared set of malicious software, that mainta...
Abstract. Many Internet customers use network address translation (NAT) when connecting to the Inter...
Abstract only availableNetwork Address Translators (NATs) that map private addresses to public ones ...
The use of Network Address Translation (NAT) has greatly expanded in recent years. While originally ...
As ISPs face IPv4 address scarcity they increasingly turn to network address translation (NAT) to ac...
Rapidly-spreading malicious software is an important threat on today’s computer networks. Most solut...
Network Address Translation or NAT, is a technology that is used to translate internal addresses to ...
This work provides an information-theoretic view to better understand the relationships between aggr...
The purpose of this article is to extend related research on the spread of malware in networks and t...
International audiencePublic IPv4 addresses are a scarce resource. WhileIPv6 adoption is lagging, Ne...
Abstract Localized scanning is a simple technique used by attackers to search for vulnerable hosts....
This document identifies two deployment scenarios that have arisen from the unconventional network t...
Abstract. Computer virus and worms perform randomly spyware and port-scanning to find a vulnerabilit...
Abstract. Sophisticated worms that use precomputed hitlists of vulnerable targets are especially har...